09:00 | Gathering, light refreshments

09:30 | Opening remarks

09:35 | Prof. Mark Silberstein, Technion
When SGX Fell Victim to Speculative Execution Bugs
This talk will elaborate on the details of the recent Foreshadow speculative execution attack. The first variant of Foreshadow breaks the SGX confidentiality guarantees and enables us to circumvent the SGX remote attestation mechanism. Later, Intel's continued investigation revealed two other variants, with the most devastating one allowing a malicious Guest OS running in a virtual machine to access the host data. The talk will also explain a few lesser-known technical details and will discuss some non-technical implications of this attack.
Joint work with Jo Van Bulck, Frank Piessens, Raoul Strackx (imec-DistriNet, KU Leuven), Marina Minkin (Technion & University of Michigan), Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch (University of Michigan), Yuval Yarom (University of Adelaide and CSIRO's Data61).
Slides

10:20 | Yuval Weisglass, HARMAN International
Deep Fooling - Real-World Attacks Against Vehicles' Perception Systems
As modern cars become more computerized and connected, the
cyber-physical threat has grown significantly as well. Now, with the
introduction of semi-autonomous vehicles and the ability of cars to
perceive their environment and self-control the speed and driving
direction, the attack surface grows even further. What new
vulnerabilities does AI bring to automobiles? What is the real-world
feasibility of exploiting these new vulnerabilities to control a
moving car? In his talk, Yuval will show how vulnerabilities existing
in modern perception systems, as found on production vehicles, can be
exploited to form real-world attacks.
Yuval Weisglass is Vice President Automotive Cyber Security at HARMAN
International, a subsidiary of Samsung Electronics Co. Yuval joined
HARMAN with the acquisition of TowerSec in January 2016 where he
served as Co-Founder & CTO. Yuval has over 20 years of experience in
cybersecurity both as a security researcher and as a leader of R&D
groups specializing in security-related innovation projects. Among
Yuval’s unique expertise are: security research and security design of
embedded systems, research of side-channel attacks on secured elements
and a long-time hobby of reverse engineering vehicles’ systems. Before
founding TowerSec in 2013, Yuval spent 11 years at the Israeli
Security Agency where he held senior R&D management roles in the field
of cybersecurity. Yuval is an alumnus of the elite intelligence 8200
Unit of the Israel Defense Forces, where he served as an officer in
the field of advanced technology research.

11:05 | Break + poster presentation

11:35 | Assaf Harel, Karamba Security
Automotive Security: Think Like a Hacker
As vehicles are getting connected, cyber security attacks are becoming common in the automotive industry. In this talk we will describe the hacker's perspective on the automotive industry and on the problem of hacking into a vehicle.
Assaf Harel is the Chief Scientist & co-founder of Karamba.
Assaf has broad experience with embedded, networking, security and mobile technologies. He was Senior Research and Development (R&D) Manager at Check Point Software Technologies (NASDAQ:CHKP), overseeing the development of several innovative, emerging endpoint security products and technologies. Previously, he held software development positions at Metalink and Dune Networks. Assaf served in the elite intelligence unit of the Israeli Defense Forces (IDF). He received a B.Sc. and M.Sc. Cum Laude in Computer Science from the Technion and an MBA Cum Laude from Haifa University.
Slides

12:20 | Keynote lecture
Prof. Bart Preneel, KU Leuven (Belgium)
Lecture will be given in English
The Future of Security and Privacy
This talk analyzes how technology trends such as the Internet of Things, Big Data and AI are affecting privacy and security. While these technologies bring great benefits to society, they are also changing the power relations and hence disturbing the balance between individuals, companies and governments. Among the more worrying trends are the expansion of mass surveillance and the growing number of active attacks by malicious actors, law enforcement and intelligence, which increase the risk in the digital ecosystem. We explore how novel architectures, cryptographic techniques and open solutions can help to turn the tide.
Bart Preneel is full professor and head of COSIC, an imec research group at the KU Leuven. COSIC currently has 80 members, including 7 professors, 20 postdoctoral researchers, and more than 40 PhD students. Bart Preneel has been visiting professor at five universities in Europe. He has authored more than 400 scientific publications. His main research interests are cryptography, information security and privacy. Bart Preneel has coordinated the Network of Excellence ECRYPT (2004-2018, 250 researchers) and is coordinating the Marie-Curie ITN ECRYPT.NET. He has served as panel member and chair for the European Research Council and has been vice-president and president of the IACR (International Association for Cryptologic Research). He is a member of the Permanent Stakeholders group of ENISA (European Network and Information Security Agency) and of the Academia Europaea. He has been invited speaker at more than 120 conferences in 50 countries. He received the RSA Award for Excellence in the Field of Mathematics (2014), was nominated as fellow of the IACR (2015) and received the ESORICS Outstanding Research Award (2017). In 2013, he testified in the European Parliament for the LIBE Committee Inquiry on Electronic Mass Surveillance of EU Citizens. Bart Preneel frequently consults for and collaborates with companies; those include high tech leaders but also start-ups. This work has resulted in several patents and widely used solutions.
Slides

13:20 | Break and light lunch

14:20 | Keynote lecture
Prof. Adi Shamir, Weizmann Institute of Science
Lecture will be given in English
A Simple Explanation for the Mysterious Existence of Adversarial Examples with Small Hamming Distance
The existence of adversarial examples in which tiny changes in the
input can fool well trained neural networks has many applications and
implications in cyber security, but it is still far from being
understood, and in particular it is not clear which parameters
determine the number of input coordinates one has to change in order
to mislead the network. In this talk I will describe a simple
mathematical framework which enables us to think about this problem
from a fresh perspective, turning the existence of adversarial
examples from a baffling phenomenon into a natural consequence of the
geometry of $\mathbb{R}^n$ with the $L_0$ (Hamming) metric, which can be
quantitatively analyzed.

15:20 | Prof. Eli Biham, Technion
TCAN: Authentication Without Cryptography on a CAN Bus
In this talk we present TCAN, an authentication mechanism for messages
on the CAN bus that does not require cryptography. TCAN ensures that
the messages are sent by their alleged senders, and are not forged by
other parties connected to the bus. The main idea of TCAN is to
identify nodes on the bus by their physical location. In order to
uniquely identify nodes by their physical location we install
dedicated nodes on the bus that measure reception time differences,
which are correlated to the senders' location on the bus due to the
fixed speed of propagation.
This is joint work with Eli Gavril and Sara Bitan.
Slides

16:05 | Closing remarks